Menu
Reply
Tuning in
  • 8
  • 0
  • 1
Registered: ‎13-04-2014
Message 1 of 8 (194 Views)

Why are Virgin Media passwords so dangerously insecure?

It's ages since I changed my email password, so I thought I would change it today to keep up my security. However, I am shocked to find that Virgin Media passwords are still limited to only ten alpha-numeric characters! This is the most limited password system that I'm using on any of my computer services, from any company.

My 'KeePass' security utility rates every password that I use, and the extremely limited Virgin Media password only just makes it out of the orange "dangerous" region, right at the bottom of the scale!

Bearing in mind that my Virgin Media password not only gives full access to my account, but also all of my email, why are Virgin continuing to use a system which is so dangerous for its users?

We've seen over the past few years that many computer services companies have been hacked, and various sensitive security information has been stolen. Why are Virgin Media making it easier for potential thieves to crack any stolen passwords?

Are the passwords deliberately being limited to allow Virgin, or other third parties, to access customer accounts? If not, why is the limitation in place?

Reply
0 Kudos
Tuning in
  • 11
  • 0
  • 3
Registered: 2 weeks ago
Message 2 of 8 (186 Views)

Re: Why are Virgin Media passwords so dangerously insecure?

I'd also like an answer to this.

The password requirements for both this account, and the router are ridiculous.
Superuser
  • 16.01K
  • 1.39K
  • 2.54K
Registered: ‎11-08-2009
Message 3 of 8 (185 Views)

Re: Why are Virgin Media passwords so dangerously insecure?

[ Edited ]

There is another discussion about the passwords on here http://community.virginmedia.com/t5/Security-matters/Idiotic-password-policy/td-p/3360311

**********************************
I work for Virgin Media - but all opinions posted here are my own
Reply
0 Kudos
Tuning in
  • 8
  • 0
  • 1
Registered: ‎13-04-2014
Message 4 of 8 (177 Views)

Re: Why are Virgin Media passwords so dangerously insecure?

[ Edited ]

Lol, so as I searched for the topic of password security a couple of times before creating a new thread, it seems to indicate that not only is VM's password policy very bad, but their forum search tools are pretty ropey too! *Sigh* :-D
Thanks for the pointer BenMcr.

Reply
0 Kudos
Superfast
  • 190
  • 6
  • 72
Registered: ‎04-06-2015
Message 5 of 8 (172 Views)

Re: Why are Virgin Media passwords so dangerously insecure?

Oh lord, not again! Smiley Frustrated

Do you know how long it'd take to break a 10 character, mix-alphanumeric password? It's not dangerously insecure at all, far from it... don't believe everything your PW manager tells you Smiley Happy

Tuning in
  • 8
  • 0
  • 1
Registered: ‎13-04-2014
Message 6 of 8 (164 Views)

Re: Why are Virgin Media passwords so dangerously insecure?

[ Edited ]

Yes, again. So long as Virgin Media refuses to even acknowledge this problem, let alone do anything constructive about it, then I'm sure that concerned customers will continue to raise this important issue, and rightly so.

There are tools available on the web which can crack simple 10-char alpha-numerics within a few hours. A hacker could steal VM account details, leave their software running for a time to crack the passwords, and have dozens of fully-open VM accounts and email accounts to browse through.

PaulMoore, have you ever worked for a computer security company such as Dr Solomon's Software, or McAfee? I have, and I know what I'm talking about.

Thanks for nothing Mr Shill.

Reply
0 Kudos
Superfast
  • 190
  • 6
  • 72
Registered: ‎04-06-2015
Message 7 of 8 (156 Views)

Re: Why are Virgin Media passwords so dangerously insecure?

[ Edited ]

"There are tools available on the web which can crack simple 10-char alpha-numerics within a few hours"

That's a different scenario than the one you presented.  I didn't say you couldn't choose a weak 10 character password... I said a correctly-chosen 10 character password isn't "dangerously insecure".  You've already mentioned your use of KeePass, which suggests any password (regardless of length) is cryptographically random and thus, much more secure than a password chosen by any human.

Instead of questioning my background (OSINT works wonders btw) or labelling me a shill, can you explain or justify (in detail) exactly how your truly random, 10 character password would be broken and the timescale for such an attack?

It's also worth mentioning, an attacker wouldn't have to crack VM passwords... they're not hashed in the first place.

Thanks.

Superfast
  • 190
  • 6
  • 72
Registered: ‎04-06-2015
Message 8 of 8 (65 Views)

Re: Why are Virgin Media passwords so dangerously insecure?

Would be interested to hear your comments OP....
Reply
0 Kudos